FFIEC Cybersecurity Assessment Tool for Financial Institutions: The Road Ahead
On June 30, 2015 the Federal Financial Institutions Examination Council (FFIEC) released its much awaited Cybersecurity Assessment Tool which is designed to help financial institutions and regulators identify cybersecurity attack risks and to measure security preparedness as well. The assessment may be able provide an adaptable approach for financial institutions and businesses, but, it also creates uncertainties about how regulators may view the Assessment output and how it may interact or differ from the present tools used by financial institutions.
In this two-hour LIVE Webcast, a panel of thought leaders and professionals assembled by The Knowledge Group will provide the audience with an in-depth discussion of the fundamentals as well as the recent developments surrounding the FFIEC Cybersecurity Assessment Tool. They will help the audience understand all the important aspects of this remarkable topic. Speakers will also offer best practices on how to reduce potential attack, risks and costs.
Key topics include:
- Cyber Security Assessment Tool - A 2016 Perspective
- Assessment Tool - Implications and Legal Challenges
- Evaluating Inherent Risks & Cyber Security Maturity
- Impact of Cyber Threats to Financial Institutions
- Up-to-the-minute Regulatory Developments
Tony DaSilva, S&R Senior Technical Expert
Federal Reserve Bank of Atlanta
- Cybersecurity Framework
- SR 15-9: Cybersecurity Assessment Tool
- The 5 Domains
- Assessment Tool Components
- The institution’s progress within each domain will be represented by a maturity rating
- Inherent Risk Profile –Risk Levels
- Five Domains & Assessment Factors
- Inherent Risk Profile –Risk Levels
- Six-Step Cyber Threat Intelligence Process for Financial Institutions
- Threat Intelligence Information Sources
Nick Roberts, Senior Research Manager
- How to get to Baseline AND Beyond in the FFIEC Cybersecurity Assessment Tool
- How using a vertical specific solution such as DefenseStorm can ease regulatory concerns
- Why community banks and credit unions should rely on 3rd party experts to handle their cybersecurity programs
- Benefits of a security data platform
- How can you see into every part of your network using a single system?
Alejandro Mijares, IT Manager
Kaufman Rossin , PA
- Dark Web and cybercrime
- Notes from the Fed, OCC, and FDIC
- CAT in numbers
- CAT Implementation (Inherent Risk, Maturity level, and Gap analysis)
- CAT Observations (Pros & Cons)
Who Should Attend:
- Financial Lawyers
- Financial Institutions
- Top Level Management
- Financial and Executive Directors
- Chief Financial Officers
- Financial Officers
- In-house Counsel
- Regulatory and Compliance Personnel
- Senior Financial Professionals
- Cyber Security Professionals
- Other Interested Professionals
Nick Roberts has over 15 years of experience in information technology, cybersecurity and the startup industry. Previously he has worked with large Fortune 500 companies such as Cox Communications, Nasdaq IPO firm GoDaddy and Nationally ranked healthcare provider Virginia Mason. Nick has been a featured speaker on over 20 cybersecurity webinars and has covered various cybersecurity topics including threat research, compliance, technology and regulatory concerns. He regularly publishes articles on cybersecurity and has been featured in multiple news outlets. Nick holds a Masters in Industrial and Organizational Psychology from Grand Canyon University.
Nick Roberts has over 15 years of experience in information technology, cybersecurity and the startup industry. Previously he has worked …
Tony DaSilva is a Supervision and Regulation Subject Matter Expert and has been with the Federal Reserve Bank of Atlanta since 2003. He is a member of the Community Bank Organizations Group focusing on back office operations functions, IT, and payment processing functions.
Mr. DaSilva has 21 years of commercial banking experience. He began his banking career at the Citizens & Southern Bank of Georgia, now Bank of America where he spent 18 years in various operations management positions. Prior to joining the Atlanta Fed, he was the Vice President of Marketing and Product Management for Prudential Bank. He has held management and senior management positions in deposit operations, item processing, credit card, merchant credit card, ACH, loan processing, branch support, and remittance processing operations. He also has product, marketing, sales, project, and client relations management experience. He was a participant at the FFIEC IT Symposium from which the Remote Deposit Capture guidance originated; he also is one of the primary contributors to the revision of the FFIEC's IT examination handbook on Retail Payments. He is an instructor for domestic and international banking courses, faculty member of The Payments Institute, and a regular speaker at national and regional conferences.
Mr. DaSilva received his bachelor’s degree from the University of North Georgia and master’s degree in management from the University of Alabama Huntsville. He is an Accredited ACH Professional and a Certified Information Systems Auditor.
Tony DaSilva is a Supervision and Regulation Subject Matter Expert and has been with the Federal Reserve Bank of Atlanta …
Alejandro Mijares is Risk Advisory Services Manager at Kaufman Rossin where he provides internal IT audit, system validation, and information security review services to financial institutions supervised by the FDIC, FRB, State of Florida, and OCC. He has performed IT and Cybersecurity risk assessments, IT controls reviews, and evaluation of IT governance regulations and processes for more than 25 banks and foreign agencies in Florida. Alejandro’s work experience also includes analyzing and evaluating information technology security risks and internal controls, process mapping, system validation, SSAE 16 review services, and providing Sarbanes-Oxley external and internal audits for clients in a variety of industries, including financial services companies, healthcare, retail and technology. He is a Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), with a Master’s degree in Management Information Systems and a Bachelor’s degree in Accounting and Information Systems.
Alejandro Mijares is Risk Advisory Services Manager at Kaufman Rossin where he provides internal IT audit, system validation, and information …
Print and review course materials
Method of Presentation:
NASBA Field of Study:
Information Technology - Technical
NY Category of CLE Credit:
Unlock All The Knowledge and Credit You Need
Leading Provider of Online Continuing Education
It's As Easy as 1, 2, 3
Get Your 1-Year All Access Pass For Only $199
DefenseStorm is a Security Data Platform that watches everything on your network and matches it to your policies, providing cybersecurity management that is safe, compliant and cost effective. Built from the ground up in the cloud, DefenseStorm unifies detection, investigation, reporting, and compliance into a single place to manage cybersecurity data. Formed by bankers and technology experts, DefenseStorm aggregates event data across all cybersecurity tools and links policies to real-time alerts, so that financial institutions can prove to regulators they are both secure and compliant with evolving FFIEC cybersecurity requirements.
About Federal Reserve Bank of Atlanta
About Kaufman Rossin , PA
Kaufman Rossin has represented Florida businesses for more than 50 years and serves international clients in dozens of countries. The CPA and advisory firm is one of the largest in the U.S., providing traditional accounting, audit and tax services, as well as business, risk and forensic advisory services. The firm has won significant awards, including repeat honors as the Best Accounting Firm to Work For among large firms nationwide and locally. With more than 300 team members, the firm prides itself on offering the resources of a powerhouse, personally delivered. Go beyond the numbers at kaufmanrossin.com.